IT baseline security system ISKE

Between 2003 and 2022, a three-tier system of baseline security of information systems (ISKE) was in place to ensure the information security of national and local government databases. Starting from 2023, the Estonian Information Security Standard regulates the information security of organisations performing public functions.

ISKE was created primarily to ensure the security of the information systems used to maintain national and local government databases and the information assets connected thereto. The preparation and development of ISKE was based on a German information security standard – IT Baseline Protection Manual (IT-Grundschutz in German).

ISKE described three security levels: low (L), medium (M), and high (H). The corresponding security level was determined by assigning security classes (security subclasses) to the data. The assignment of security classes was based on the confidentiality, integrity and availability of the information.

The first version of the ISKE implementation manual was completed by October 2003. The last version of the ISKE implementation manual was published in January 2017.

ISKE information security system was in effect until 31 December 2022.

Starting from 1 January 2023, the Estonian Information Security Standard applies.

Last updated: 08.08.2023